Many electronic devices such as personal computers, and mobile devices including mobile phones and tablet devices, use some form of authentication. “Identity management” poses the challenge of authentication—validating that an individual is who he says he is. Many applications require an authentication factor in the form of something the person knows, typically a password that must be input into the device to gain access. Typically, individuals are associated with usernames and passwords in order to gain access to computer systems. This has traditionally meant remembering and entering unique user names and passwords for the computer, secured applications and websites. In systems requiring additional security control such as online banking, individuals have been required to use “two factor authentications.” This requires multiple types of identification such as a password plus a PIN or token. Keeping track of numerous passwords and constantly entering them has become inconvenient at best, and unmanageable for many.
A password is most often typed onto a keyboard or other interface which then allows the user to gain partial or full access to the utility of the device and/or network. A problem with using passwords is that they are time consuming and inconvenient to enter. Users often use informal passwords or share their password with others, compromising system security. These practices diminish the password's value and make it difficult to have an accurate auditing of access. Moreover, passwords can be difficult to administer when forgotten or misplaced.
It also is known to use biometric authentication to gain access to electronic devices. Biometric authentication using facial recognition is often used. Other biometric authentication techniques include, for example, voice recognition, fingerprints, palm print, hand geometry, iris recognition, retinal scan, palm print, and DNA. Still other techniques use a gesture, such as gestures associated with a device's display. Examples of gesture recognition technique include the user touching a device's touch screen, and movements that are recognized by the device.
While various applications using biometric authentication, and applications using authentication via gestures, are separately known in the art, there is a need for a system and method that combines these techniques in providing robust security. Additionally, there is a need for a system and method that combines these techniques so as to provide flexible, user-friendly access to electronic devices.